Attorney general Mark Dreyfus (pictured) is set to lay out a review of the Privacy Act, calling for sweeping changes to the Privacy Act that would copy many facets of the EU’s General Data Protection Regulations (GDPR).
The review suggested that companies would have to ask consumers for consent to collect and use precise geolocation tracking data and would prohibit targeted advertising to children except when it is in their “best interest” and provide others with “an unqualified right to opt out” of their personal information being used or disclosed for marketing purposes.
However, businesses would still be able to collect personal information for direct marketing without consent, provided they were not collecting sensitive information and consumers have the ability to opt-out. If a consumer does choose to opt-out, businesses would also continue to be able to target consumers for advertising and marketing — but they would not be able to target consumers based on their personal information.
For example, targeting a consumer based on some form of post-cookie ID would be allowed, as would the general targeting of consumers in a certain area.
The review would give Australians the power to object to the collection, use, and disclosure of personal information by companies, as well as the power to request that companies erase all the personal data they hold on them.
What’s more, Aussies would also be able to ask search engines to de-index search results containing sensitive information, excessive detail, or “inaccurate, out-of-date, incomplete, irrelevant, or misleading” information.
The suggestions in the report are not yet government policy. The rules, should they become policy, would also remove the existing exemption for political parties and small businesses from the Privacy Act.
“The Australian people rightly expect greater protections, transparency and control over their personal information and the release of this report begins the process of delivering on those expectations,” said Deryfus.
“The government is now seeking feedback on the 116 proposals in this report before deciding what further steps to take.”
“The challenge of realising the benefits of data-driven technology while protecting individuals’ privacy is one that countries are grappling with globally. While different countries take different approaches to privacy and data protection regulation, there have been significant developments in data protection laws internationally in recent years to respond to the technological developments in personal information handling,” said the report.
Lead image credit: Mark Dreyfus
